CVE-2006-1764

Hosting Controller 6.1 stores forum/db/forum.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as user name and password credentials. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Published: Apr 13, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-1764
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:C/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
hosting_controller / hosting_controller	6.1_hotfix_1.4	6.1_hotfix_1.4.x
hosting_controller / hosting_controller	1.1	1.1.x
hosting_controller / hosting_controller	1.3	1.3.x
hosting_controller / hosting_controller	6.1_hotfix_1.9	6.1_hotfix_1.9.x
hosting_controller / hosting_controller	6.1_hotfix_2.8	6.1_hotfix_2.8.x
hosting_controller / hosting_controller	6.1_hotfix_2.3	6.1_hotfix_2.3.x
hosting_controller / hosting_controller	2002	2002.x
hosting_controller / hosting_controller	6.1_hotfix_1.7	6.1_hotfix_1.7.x
hosting_controller / hosting_controller	2002_rc_1	2002_rc_1.x
hosting_controller / hosting_controller	1.4b	1.4b.x
hosting_controller / hosting_controller	6.1_hotfix_2.1	6.1_hotfix_2.1.x
hosting_controller / hosting_controller	-	6.1_hotfix_2.9.x
hosting_controller / hosting_controller	6.1_hotfix_2.0	6.1_hotfix_2.0.x
hosting_controller / hosting_controller	6.1	6.1.x
hosting_controller / hosting_controller	1.4.1	1.4.1.x
hosting_controller / hosting_controller	1.4	1.4.x

Vulnerability Database

289,871

CVE-2006-1764